PKG_NAME:=dnsmasq
PKG_VERSION:=2.71
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq
define Package/dnsmasq/Default
SECTION:=net
CATEGORY:=Base system
- TITLE:=A lightweight DNS and DHCP server
+ TITLE:=DNS and DHCP server
URL:=http://www.thekelleys.org.uk/dnsmasq/
endef
define Package/dnsmasq-full
$(call Package/dnsmasq/Default)
- TITLE += (with DHCPv6 and DNSSEC)
+ TITLE += (with DNSSEC, DHCPv6, Auth DNS, IPSET)
DEPENDS:=@IPV6 +kmod-ipv6 +libnettle
VARIANT:=full
endef
define Package/dnsmasq-full/description
$(call Package/dnsmasq/description)
-This is a variant with DHCPv6 and DNSSEC support
+This is a variant with DHCPv6, DNSSEC, Authroitative DNS and IPSET support
endef
define Package/dnsmasq/conffiles
TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections
-COPTS = $(if $(CONFIG_IPV6),,-DNO_IPV6) -DNO_IPSET -DNO_AUTH
+COPTS = $(if $(CONFIG_IPV6),,-DNO_IPV6)
ifeq ($(BUILD_VARIANT),nodhcpv6)
COPTS += -DNO_DHCP6
ifeq ($(BUILD_VARIANT),full)
COPTS += -DHAVE_DNSSEC
COPTS += $(if $(CONFIG_LIBNETTLE_MINI),-DNO_GMP,)
+else
+ COPTS += -DNO_AUTH -DNO_IPSET
endif
MAKE_FLAGS := \
+++ /dev/null
-From 063efb330a3f341c2548e2cf1f67f83e49cd6395 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Tue, 17 Jun 2014 19:49:31 +0100
-Subject: [PATCH] Build config: add -DNO_GMP for use with nettle/mini-gmp
-
----
- Makefile | 2 +-
- bld/pkg-wrapper | 9 +++++++--
- src/config.h | 7 +++++++
- src/dnssec.c | 3 ++-
- 4 files changed, 17 insertions(+), 4 deletions(-)
-
-diff --git a/Makefile b/Makefile
-index c58b50b..17eeb27 100644
---- a/Makefile
-+++ b/Makefile
-@@ -61,7 +61,7 @@ lua_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CON
- lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.1`
- nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --cflags nettle hogweed`
- nettle_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --libs nettle hogweed`
--gmp_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --copy -lgmp`
-+gmp_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC NO_GMP --copy -lgmp`
- sunos_libs = `if uname | grep SunOS >/dev/null 2>&1; then echo -lsocket -lnsl -lposix4; fi`
- version = -DVERSION='\"`$(top)/bld/get-version $(top)`\"'
-
-diff --git a/bld/pkg-wrapper b/bld/pkg-wrapper
-index 9f9332d..0ddb678 100755
---- a/bld/pkg-wrapper
-+++ b/bld/pkg-wrapper
-@@ -11,9 +11,14 @@ in=`cat`
-
- if grep "^\#[[:space:]]*define[[:space:]]*$search" config.h >/dev/null 2>&1 || \
- echo $in | grep $search >/dev/null 2>&1; then
--
-+# Nasty, nasty, in --copy, arg 2 is another config to search for, use with NO_GMP
- if [ $op = "--copy" ]; then
-- pkg="$*"
-+ if grep "^\#[[:space:]]*define[[:space:]]*$pkg" config.h >/dev/null 2>&1 || \
-+ echo $in | grep $pkg >/dev/null 2>&1; then
-+ pkg=""
-+ else
-+ pkg="$*"
-+ fi
- elif grep "^\#[[:space:]]*define[[:space:]]*${search}_STATIC" config.h >/dev/null 2>&1 || \
- echo $in | grep ${search}_STATIC >/dev/null 2>&1; then
- pkg=`$pkg --static $op $*`
-diff --git a/src/config.h b/src/config.h
-index 2155544..ee6d218 100644
---- a/src/config.h
-+++ b/src/config.h
-@@ -105,6 +105,8 @@ HAVE_AUTH
- define this to include the facility to act as an authoritative DNS
- server for one or more zones.
-
-+HAVE_DNSSEC
-+ include DNSSEC validator.
-
- NO_IPV6
- NO_TFTP
-@@ -118,6 +120,11 @@ NO_AUTH
- which are enabled by default in the distributed source tree. Building dnsmasq
- with something like "make COPTS=-DNO_SCRIPT" will do the trick.
-
-+NO_NETTLE_ECC
-+ Don't include the ECDSA cypher in DNSSEC validation. Needed for older Nettle versions.
-+NO_GMP
-+ Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp.
-+
- LEASEFILE
- CONFFILE
- RESOLVFILE
-diff --git a/src/dnssec.c b/src/dnssec.c
-index 44d626b..2ffb75d 100644
---- a/src/dnssec.c
-+++ b/src/dnssec.c
-@@ -26,7 +26,8 @@
- # include <nettle/ecc-curve.h>
- #endif
- #include <nettle/nettle-meta.h>
--#include <gmp.h>
-+#include <nettle/bignum.h>
-+
-
- #define SERIAL_UNDEF -100
- #define SERIAL_EQ 0
---
-2.0.0
-
--- /dev/null
+From 063efb330a3f341c2548e2cf1f67f83e49cd6395 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Tue, 17 Jun 2014 19:49:31 +0100
+Subject: [PATCH] Build config: add -DNO_GMP for use with nettle/mini-gmp
+
+---
+ Makefile | 2 +-
+ bld/pkg-wrapper | 9 +++++++--
+ src/config.h | 7 +++++++
+ src/dnssec.c | 3 ++-
+ 4 files changed, 17 insertions(+), 4 deletions(-)
+
+--- a/Makefile
++++ b/Makefile
+@@ -61,7 +61,7 @@ lua_cflags = `echo $(COPTS) | $(top)/
+ lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.1`
+ nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --cflags nettle hogweed`
+ nettle_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --libs nettle hogweed`
+-gmp_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --copy -lgmp`
++gmp_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC NO_GMP --copy -lgmp`
+ sunos_libs = `if uname | grep SunOS >/dev/null 2>&1; then echo -lsocket -lnsl -lposix4; fi`
+ version = -DVERSION='\"`$(top)/bld/get-version $(top)`\"'
+
+--- a/bld/pkg-wrapper
++++ b/bld/pkg-wrapper
+@@ -11,9 +11,14 @@ in=`cat`
+
+ if grep "^\#[[:space:]]*define[[:space:]]*$search" config.h >/dev/null 2>&1 || \
+ echo $in | grep $search >/dev/null 2>&1; then
+-
++# Nasty, nasty, in --copy, arg 2 is another config to search for, use with NO_GMP
+ if [ $op = "--copy" ]; then
+- pkg="$*"
++ if grep "^\#[[:space:]]*define[[:space:]]*$pkg" config.h >/dev/null 2>&1 || \
++ echo $in | grep $pkg >/dev/null 2>&1; then
++ pkg=""
++ else
++ pkg="$*"
++ fi
+ elif grep "^\#[[:space:]]*define[[:space:]]*${search}_STATIC" config.h >/dev/null 2>&1 || \
+ echo $in | grep ${search}_STATIC >/dev/null 2>&1; then
+ pkg=`$pkg --static $op $*`
+--- a/src/config.h
++++ b/src/config.h
+@@ -105,6 +105,8 @@ HAVE_AUTH
+ define this to include the facility to act as an authoritative DNS
+ server for one or more zones.
+
++HAVE_DNSSEC
++ include DNSSEC validator.
+
+ NO_IPV6
+ NO_TFTP
+@@ -118,6 +120,11 @@ NO_AUTH
+ which are enabled by default in the distributed source tree. Building dnsmasq
+ with something like "make COPTS=-DNO_SCRIPT" will do the trick.
+
++NO_NETTLE_ECC
++ Don't include the ECDSA cypher in DNSSEC validation. Needed for older Nettle versions.
++NO_GMP
++ Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp.
++
+ LEASEFILE
+ CONFFILE
+ RESOLVFILE
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -26,7 +26,8 @@
+ # include <nettle/ecc-curve.h>
+ #endif
+ #include <nettle/nettle-meta.h>
+-#include <gmp.h>
++#include <nettle/bignum.h>
++
+
+ #define SERIAL_UNDEF -100
+ #define SERIAL_EQ 0
--- /dev/null
+--- a/src/dhcp.c
++++ b/src/dhcp.c
+@@ -146,7 +146,7 @@ void dhcp_packet(time_t now, int pxe_fd)
+ struct iovec iov;
+ ssize_t sz;
+ int iface_index = 0, unicast_dest = 0, is_inform = 0;
+- struct in_addr iface_addr;
++ struct in_addr iface_addr, *addrp = NULL;
+ struct iface_param parm;
+ #ifdef HAVE_LINUX_NETWORK
+ struct arpreq arp_req;
+@@ -272,11 +272,9 @@ void dhcp_packet(time_t now, int pxe_fd)
+ {
+ ifr.ifr_addr.sa_family = AF_INET;
+ if (ioctl(daemon->dhcpfd, SIOCGIFADDR, &ifr) != -1 )
+- iface_addr = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
+- else
+ {
+- my_syslog(MS_DHCP | LOG_WARNING, _("DHCP packet received on %s which has no address"), ifr.ifr_name);
+- return;
++ addrp = &iface_addr;
++ iface_addr = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
+ }
+
+ for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
+@@ -295,7 +293,7 @@ void dhcp_packet(time_t now, int pxe_fd)
+ parm.relay_local.s_addr = 0;
+ parm.ind = iface_index;
+
+- if (!iface_check(AF_INET, (struct all_addr *)&iface_addr, ifr.ifr_name, NULL))
++ if (!iface_check(AF_INET, (struct all_addr *)addrp, ifr.ifr_name, NULL))
+ {
+ /* If we failed to match the primary address of the interface, see if we've got a --listen-address
+ for a secondary */
+@@ -315,6 +313,12 @@ void dhcp_packet(time_t now, int pxe_fd)
+ complete_context(match.addr, iface_index, NULL, match.netmask, match.broadcast, &parm);
+ }
+
++ if (!addrp)
++ {
++ my_syslog(MS_DHCP | LOG_WARNING, _("DHCP packet received on %s which has no address"), ifr.ifr_name);
++ return;
++ }
++
+ if (!iface_enumerate(AF_INET, &parm, complete_context))
+ return;
+
--- /dev/null
+--- a/src/ipset.c
++++ b/src/ipset.c
+@@ -22,7 +22,6 @@
+ #include <errno.h>
+ #include <sys/types.h>
+ #include <sys/socket.h>
+-#include <sys/utsname.h>
+ #include <arpa/inet.h>
+ #include <linux/version.h>
+ #include <linux/netlink.h>
+@@ -72,7 +71,7 @@ struct my_nfgenmsg {
+
+ #define NL_ALIGN(len) (((len)+3) & ~(3))
+ static const struct sockaddr_nl snl = { .nl_family = AF_NETLINK };
+-static int ipset_sock, old_kernel;
++static int ipset_sock;
+ static char *buffer;
+
+ static inline void add_attr(struct nlmsghdr *nlh, uint16_t type, size_t len, const void *data)
+@@ -87,25 +86,7 @@ static inline void add_attr(struct nlmsg
+
+ void ipset_init(void)
+ {
+- struct utsname utsname;
+- int version;
+- char *split;
+-
+- if (uname(&utsname) < 0)
+- die(_("failed to find kernel version: %s"), NULL, EC_MISC);
+-
+- split = strtok(utsname.release, ".");
+- version = (split ? atoi(split) : 0);
+- split = strtok(NULL, ".");
+- version = version * 256 + (split ? atoi(split) : 0);
+- split = strtok(NULL, ".");
+- version = version * 256 + (split ? atoi(split) : 0);
+- old_kernel = (version < KERNEL_VERSION(2,6,32));
+-
+- if (old_kernel && (ipset_sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) != -1)
+- return;
+-
+- if (!old_kernel &&
++ if (
+ (buffer = safe_malloc(BUFF_SZ)) &&
+ (ipset_sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_NETFILTER)) != -1 &&
+ (bind(ipset_sock, (struct sockaddr *)&snl, sizeof(snl)) != -1))
+@@ -168,62 +149,16 @@ static int new_add_to_ipset(const char *
+ }
+
+
+-static int old_add_to_ipset(const char *setname, const struct all_addr *ipaddr, int remove)
+-{
+- socklen_t size;
+- struct ip_set_req_adt_get {
+- unsigned op;
+- unsigned version;
+- union {
+- char name[IPSET_MAXNAMELEN];
+- uint16_t index;
+- } set;
+- char typename[IPSET_MAXNAMELEN];
+- } req_adt_get;
+- struct ip_set_req_adt {
+- unsigned op;
+- uint16_t index;
+- uint32_t ip;
+- } req_adt;
+-
+- if (strlen(setname) >= sizeof(req_adt_get.set.name))
+- {
+- errno = ENAMETOOLONG;
+- return -1;
+- }
+-
+- req_adt_get.op = 0x10;
+- req_adt_get.version = 3;
+- strcpy(req_adt_get.set.name, setname);
+- size = sizeof(req_adt_get);
+- if (getsockopt(ipset_sock, SOL_IP, 83, &req_adt_get, &size) < 0)
+- return -1;
+- req_adt.op = remove ? 0x102 : 0x101;
+- req_adt.index = req_adt_get.set.index;
+- req_adt.ip = ntohl(ipaddr->addr.addr4.s_addr);
+- if (setsockopt(ipset_sock, SOL_IP, 83, &req_adt, sizeof(req_adt)) < 0)
+- return -1;
+-
+- return 0;
+-}
+-
+-
+-
+ int add_to_ipset(const char *setname, const struct all_addr *ipaddr, int flags, int remove)
+ {
+ int af = AF_INET;
+
+ #ifdef HAVE_IPV6
+ if (flags & F_IPV6)
+- {
+ af = AF_INET6;
+- /* old method only supports IPv4 */
+- if (old_kernel)
+- return -1;
+- }
+ #endif
+
+- return old_kernel ? old_add_to_ipset(setname, ipaddr, remove) : new_add_to_ipset(setname, ipaddr, af, remove);
++ return new_add_to_ipset(setname, ipaddr, af, remove);
+ }
+
+ #endif
projects / openwrt / svn-archive / archive.git / commitdiff